Appln. No.: -09/429,643 
Amendment dated January 13, 2005 
Reply to Office Action of October 26, 2004 

This listing of claims will replace all prior versions, and listings, of claims in the application: 
Listing of Claims: 

Claim 1 (previously presented): A method of transmitting information between a first computer 
and a second computer over a network, comprising the steps of: 

(1) embedding in a header of each of a plurality of data packets a network address that 
periodically changes between successive data packets, wherein each network address is used to 
route packets over the network; 

(2) transmitting the plurality of data packets between the first computer and the second 
computer; 

(3) receiving the transmitted data packets at the second computer; and 

(4) for each received data packet, comparing the network address to a moving window of 
valid network addresses and, in response to detecting a match within the moving window, 
accepting the received data packet for further processing, and otherwise rejecting the received 
data packet. 

Claim 2 (previously presented): The method of claim 1, wherein step (1) comprises the step of 
using an Internet Protocol address in an Internet Protocol header as the network address, wherein 
the Internet Protocol address is used to route the data packets over the Internet. 

Claim 3 (canceled) 

Claim 4 (previously presented): The method of claim 1, further comprising the step of 
embedding an additional quasi-random value in a data field external to an Internet Protocol 
header of each data packet. 

Claim 5 (original): The method of claim 1, wherein steps (1) and (4) are performed in a data link 
layer of an ISO standard communication protocol. 
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Claim 6 (previously presented): The method of claim 1, wherein step (1) comprises the step of 
using a Media Access Control (MAC) hardware address as the network address, wherein the 
MAC hardware address is used to route the data packets on a local area network. 

Claim 7 (currently amended): The method of claim 1, wherein step (1) comprises the step of 
using a different network address for each successive data packet. 

Claim 8 (previously presented): The method of claim 1, further comprising the step of moving 
the window as each successive data packet is received. 

Claim 9 (currently amended): The method of claim 1, further comprising the step of sharing 
between the first computer and the second computer information sufficient to generate the set 
moving window 7 of valid network addresses. 

Claim 10 (previously presented): The method of claim 1, further comprising the step of 
transmitting from the first computer to the second computer an algorithm for selecting 
successively valid network addresses. 

Claim 11 (original): The method of claim 1, wherein step (4) comprises the step of using a 
presence vector to determine whether to accept each data packet. 

Claim 12 (previously presented): The method of claim 1, wherein step (4) comprises the step of 
using a hashing function to determine whether the network address is valid. 

Claim 13 (previously presented): The method of claim 1, further comprising the step of 
transmitting a synchronization request between the first computer and the second computer, 
wherein the second computer uses the synchronization request to maintain synchronization of 
valid network addresses. 



Page 3 of 15 



Appln.No.: 09/429,643 
Amendment dated January 13, 2005 
Reply to Office Action of October 26, 2004 

Claim 14 (original): The method of claim 13, further comprising the step of, in response to 
failure to receive a synchronization acknowledgement from the second computer, shutting off 
transmission of data packets to the second computer. 

Claim 15 (previously presented): The method of claim 13, further comprising the step of 
embedding a synchronization value in each data packet that permits the second computer to re- 
establish synchronization in a set of potentially valid network addresses. 

Claim 16 (previously presented): The method of claim 13, further comprising the step of moving 
the window of valid network addresses in the second computer in response to receiving the 
synchronization request from the first computer. 

Claim 17 (previously presented): The method of claim 1, wherein step (1) comprises the steps of 
embedding a periodically-changing Internet Protocol source address in an Internet Protocol 
header and embedding a periodically-changing Internet Protocol destination address in the 
Internet Protocol header, wherein the source and destination addresses are used to route each 
data packet over the Internet. 

Claim 18 (currently amended): The method of claim 17, further comprising the steps of: 
embedding a plurality of the data packets into a frame; and 

embedding a source and destination hardware address in the frame, wherein the source 
and destination hardware address are quasi-randomly generated and used to route the frame on a 
the network. 

Claim 19 (previously presented): The method of claim 1, further comprising the step of 
maintaining in the first computer a first transmit table and a first receive table, and maintaining 
in the second computer a second transmit table and a second receive table, 

wherein each transmit table comprises a list of valid network addresses that are to be 
inserted into outgoing data packets; 
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wherein each receive table comprises a list of valid network addresses that are to be 
compared against incoming data packets; and 

wherein the first transmit table in the first computer matches the second receive table in 
the second computer; and wherein the first receive table in the first computer matches the second 
transmit table in the second computer. 

Claim 20 (previously presented): A method of transmitting data packets over a network 
comprising a plurality of computers connected to each other through a plurality of physical 
transmission paths, the method comprising the steps of: 

(1) for each of a plurality of data packets, randomly selecting one of the plurality of 
physical transmissions paths through the plurality of computers; 

(2) selecting a next pair of source and destination network addresses generated from an 
algorithm that generates a plurality of pairs of source and destination network addresses each 
associated with the one randomly selected physical transmission path; and 

(3) transmitting each data packet over the randomly selected physical transmission path 
using the selected next pair of source and destination network addresses. 

Claim 21 (canceled) 

Claim 22 (original): The method of claim 20 wherein step (1) comprises the step of avoiding 
selection of a path that is not operational. 

Claim 23 (previously presented): A system comprising: 

a first computer that embeds into each of a plurality of data packets a network address 

that periodically changes between successive data packets, wherein each network address is used 

to route packets over a network; and 

a second computer coupled to the first computer through the network, 

wherein the first computer transmits the plurality of data packets to the second computer, 

and 
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wherein the second computer receives the transmitted data packets, compares the network 
address in each received data packet to a moving window of valid network addresses and, in 
response to detecting a match, accepts the received data packet for further processing, and 
otherwise rejects the received data packet. 

Claim 24 (previously presented): The system of claim 23, wherein the first computer embeds 
into each of the plurality of data packets an Internet Protocol address in an Internet Protocol 
header as the network address, wherein the Internet Protocol address is used to route the data 
packets over the Internet. 

Claim 25 (canceled) 

Claim 26 (previously presented): The system of claim 23, wherein the first computer embeds an 
additional quasi-random value in a data field external to an Internet Protocol header of each data 
packet. 

Claim 27 (previously presented): The system of claim 23, wherein the first computer embeds 
each network address in a first data link layer of an ISO standard communication protocol, and 
wherein the second computer compares each network address in a second data link layer of the 
ISO standard communications protocol. 

Claim 28 (previously presented): The system of claim 23, wherein the first computer embeds a 
Media Access Control (MAC) hardware address as the network address, wherein the MAC 
hardware address is used to route the data packets on a local area network. 

Claim 29 (currently amended): The system of claim 23, wherein the first computer embeds a 
different network address for each successive data packet. 
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Claim 30 (previously presented): The system of claim 23, wherein the second computer moves 
the window as each successive data packet is received. 

Claim 31 (currently amended): The system of claim 23, wherein the first and second computers 
share common information sufficient to generate the se^ moving window of valid network 
addresses. 

Claim 32 (previously presented): The system of claim 23, wherein the first computer transmits to 
the second computer an algorithm for selecting successively valid network addresses. 

Claim 33 (original): The system of claim 23, wherein the second computer uses a presence 
vector to determine whether to accept each data packet. 

Claim 34 (previously presented): The system of claim 23, wherein the second computer uses a 
hashing function to determine whether the network address is valid. 

Claim 35 (previously presented): The system of claim 23, wherein the first computer transmits to 
the second computer a synchronization request, wherein the second computer uses the 
synchronization request to maintain synchronization of valid network addresses. 

Claim 36 (original): The system of claim 35, wherein the first computer, in response to failure to 
receive a synchronization acknowledgement from the second computer, shuts off transmission of 
data packets to the second computer. 

Claim 37 (previously presented): The system of claim 35, wherein the first computer embeds a 
synchronization value in each data packet that permits the second computer to re-establish 
synchronization in a set of potentially valid network addresses. 
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Claim 38 (previously presented): The system of claim 35, wherein the second computer moves a 
window of valid network addresses in response to receiving the synchronization request from the 
first computer. 

Claim 39 (previously presented): The system of claim 23 , wherein the first computer embeds a 
periodically-changing Internet Protocol source address in an Internet Protocol header and 
embeds a periodically-changing Internet Protocol destination address in the Internet Protocol 
header, wherein the source and destination addresses are used to route each data packet over the 
Internet. 

Claim 40 (currently amended): The system of claim 39, wherein the first computer embeds a 
plurality of the data packets into a frame and embeds a source and destination hardware address 
in the frame, wherein the source and destination hardware address are quasi-randomly generated 
and used to route the frame on a-the network. 



Claim 41 (previously presented): The system of claim 23, 

wherein the first computer comprises a first transmit table and a first receive table, 
wherein the second computer comprises a second transmit table and a second receive 

table, 

wherein each transmit table comprises a list of valid network addresses that are to be 
inserted into outgoing data packets, 

wherein each receive table comprises a list of valid network addresses that are to be 
compared against incoming data packets, 

wherein the first transmit table in the first computer matches the second receive table in 
the second computer, and 

wherein the first receive table in the first computer matches the second transmit table in 
the second computer. 
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Claim 42 (previously presented): A router coupled to a network comprising a plurality of 
computers connected to each other through a plurality of physical transmission paths, 

wherein the router receives a plurality of data packets for transmission across the 
network; and 

wherein the router, for each data packet, randomly selects one of the plurality of physical 
transmission paths through the plurality of computers and transmits each data packet over the 
randomly selected physical transmission path using a pair of source and destination network 
addresses generated from an algorithm that generates a plurality of pairs of source and 
destination addresses each associated with the one randomly selected physical transmission path. 

Claim 43 (canceled) 

Claim 44 (previously presented): The router of claim 42, wherein the router avoids selection of a 
non-operational path. 

Claim 45 (previously presented): A system comprising in combination: 

a transmitting node that generates pseudo-random network addresses and embeds the 
pseudo-random network addresses into headers of data packets for transmission; and 

a receiving node that receives data packets transmitted by the transmitting node, wherein 
the receiving node, for each received packet, extracts each pseudo-randomly generated network 
address, compares it to a moving window of potentially valid network addresses shared between 
the transmitting node and the receiving node and, in response to detecting a match, accepts the 
data packet, and otherwise discards the packet. 

Claim 46 (previously presented): The system of claim 45, wherein the receiving node maintains 
a window of valid network addresses, wherein the window is moved in response to detecting a 
match. 
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Claim 47 (previously presented): The system of claim 45, wherein each pseudo-randomly 
generated network address comprises a valid Internet Protocol address that is assigned to the 
receiving node. 

Claim 48 (previously presented): The system of claim 45, wherein each pseudo-randomly 
generated network address comprises a valid Media Access Control (MAC) hardware address 
that is assigned to the receiving node. 

Claim 49 (previously presented): The system of claim 45, wherein the transmitting node 
generates a different pseudo-randomly generated network address for each successive data 
packet. 

Claim 50 (previously presented): A receiving computer that receives data packets from a 
transmitting computer, wherein the receiving computer comprises computer instructions that 
execute the steps of: 

(1) for each received data packet, extracting a discriminator value inserted by the 
transmitting computer; 

(2) comparing the extracted discriminator value to a set of valid discriminator values on 
the basis of information previously shared with the transmitting computer; and 

(3) in response to detecting a match in step (2), accepting the received data packet for 
further processing and otherwise rejecting the data packet, wherein the receiving computer 
maintains a sliding window of valid discriminator values, wherein the window slides to 
encompass a next range of valid discriminator values in response to detecting matches. 

Claim 51 (original): The receiving computer of claim 50, wherein the receiving computer further 
comprises computer instructions that extract as the discriminator value an Internet Protocol 
address from a header portion of each data packet. 

Claim 52 (canceled) 
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Claim 53 (original): The receiving computer of claim 50 5 wherein the receiving computer 
receives information from the transmitting computer sufficient to establish the set of valid 
discriminator values. 

Claims 54-67 (canceled) 

Claim 68 (previously presented): A transmitting computer that transmits data packets to a 
receiving computer over a network, wherein the transmitting computer comprises computer 
instructions that execute the step of, for each transmitted data packet, inserting into a header of 
the data packet a network address for extraction by the receiving computer, wherein the network 
address is used to route data packets over the network and is generated using an algorithm that 
selects the network address quasi-randomly from a plurality of network addresses that are each 
mapped to the receiving computer. 

Claim 69 (previously presented): The transmitting computer of claim 68, wherein the 
transmitting computer further comprises computer instructions that insert as the network address 
an Internet Protocol address into the header portion of each data packet. 

Claim 70 (previously presented): The transmitting computer of claim 68, wherein the 
transmitting computer transmits information to the receiving computer sufficient to establish a 
set of valid network addresses. 

Claims 71-97 (canceled) 

Claim 98 (new): The method of claim 1, wherein steps (1) and (4) are performed in a data link 
layer of a standard communication protocol. 



Page 11 of 15 



Appln.No.: 09/429,643 
Amendment dated January 13, 2005 
Reply to Office Action of October 26, 2004 

Claim 99 (new): The method of claim 1, wherein step (1) comprises the step of using a hardware 
address as the network address, wherein the hardware address is used to route the data packets on 
a local area network. 

Claim 100 (new): The system of claim 23, wherein the first computer embeds each network 
address in a first data link layer of a standard communication protocol, and wherein the second 
computer compares each network address in a second data link layer of the standard 
communications protocol. 

Claim 101 (new): The system of claim 23, wherein the first computer embeds a hardware address 
as the network address, wherein the hardware address is used to route the data packets on a local 
area network. 

Claim 102 (new): The system of claim 45, wherein each pseudo-randomly generated network 
address comprises a valid hardware address that is assigned to the receiving node. 
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